At Klaviyo, we value the unique backgrounds, experiences and perspectives each Klaviyo (we call ourselves Klaviyos) brings to our workplace each and every day. We believe everyone deserves a fair shot at success and appreciate the experiences each person brings beyond the traditional job requirements. If you’re a close but not exact match with the description, we hope you’ll still consider applying. Want to learn more about life at Klaviyo? Visit careers.klaviyo.com to see how we empower creators to own their own destiny.
Klaviyo is building a world where creators are empowered to own their destiny. In support of this, our Security Trust & Risk team is focused on empowering our fellow Klaviyos to securely deliver value to and foster trust with our customers. We do this by building and leading highly efficient and effective security governance, risk management, compliance, and trust programs.
We’re seeking a highly motivated and collaborative Senior Security Risk Analyst who will help us accelerate our evolution in these key programs. You'll be instrumental in building the next generation of our risk management capabilities, working hand-in-hand with Engineering, IT, Security, and Leadership to establish a culture of informed risk decisions. By developing and implementing transparent, quantitative risk models and effectively communicating complex security insights, you'll directly enhance our security posture and protect our growing customer base.
What you’ll be doing
- Strengthen Klaviyo's security by using data-driven insights to improve our risk management program.
- Conduct comprehensive security risk assessments (application, infrastructure, business processes, vendor/third-party, internal/first-party)
- Collaborate on risk treatment strategies and influence prioritization across business units
- Develop/maintain risk registers, treatment plans, and track remediation
- Streamline and automate third-party risk assessments for faster completion and continuous monitoring at scale
- Build tools/processes for evidence-based risk decisions
- Communicate complex security risks effectively to technical and non-technical audiences
We’d love to hear from you if you have:
- Demonstrated experience designing, building, or implementing security controls, particularly within AWS environments
- Proven track record of conducting thorough security risk assessments, architecture reviews, and/or threat modeling to identify and analyze potential vulnerabilities
- Solid knowledge of security best practices relevant to SaaS platforms, IaaS infrastructure, Identity and Access Management (IAM), networking principles, and container technologies
- Exceptional ability to plan, prioritize, and execute complex projects cross-functionally, delivering results on time and collaborating effectively with diverse teams
- Excellent analytical and problem-solving skills with a focus on data-driven decision-making
- Strong alignment with Klaviyo’s core values
Bonus points if you have any of the following:
- Experience with data query languages, writing code, or integrating with web APIs
- Experience implementing FAIR or cyber risk quantification (CRQ) processes or tools
- Experience with business intelligence or data analytics platforms (Tableau, Domo, etc.)
- Experience with GRC tool or 3rd party risk management tools
Massachusetts Applicants:
It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
Our salary range reflects the cost of labor across various U.S. geographic markets. The range displayed below reflects the minimum and maximum target salaries for the position across all our US locations. The base salary offered for this position is determined by several factors, including the applicant’s job-related skills, relevant experience, education or training, and work location.
In addition to base salary, our total compensation package may include participation in the company’s annual cash bonus plan, variable compensation (OTE) for sales and customer success roles, equity, sign-on payments, and a comprehensive range of health, welfare, and wellbeing benefits based on eligibility. Please visit Klaviyo Rewards to find out more about our Total Rewards package.
Your recruiter can provide more details about the specific salary/OTE range for your preferred location during the hiring process.
Get to Know Klaviyo
We’re Klaviyo (pronounced clay-vee-oh). We empower creators to own their destiny by making first-party data accessible and actionable like never before. We see limitless potential for the technology we’re developing to nurture personalized experiences in ecommerce and beyond. To reach our goals, we need our own crew of remarkable creators—ambitious and collaborative teammates who stay focused on our north star: delighting our customers. If you’re ready to do the best work of your career, where you’ll be welcomed as your whole self from day one and supported with generous benefits, we hope you’ll join us.
Klaviyo is committed to a policy of equal opportunity and non-discrimination. We do not discriminate on the basis of race, ethnicity, citizenship, national origin, color, religion or religious creed, age, sex (including pregnancy), gender identity, sexual orientation, physical or mental disability, veteran or active military status, marital status, criminal record, genetics, retaliation, sexual harassment or any other characteristic protected by applicable law.